Help on setting up Sync Gateway with shadowing for a POC

[Johan Pelgrim]

Hi everybody,

I'm investigating the Couchbase Lite, Sync Gateway and Couchbase Server combo for a POC. I want to sync a large existing bucket to various mobile devices and go from there. I noticed that the TodoLite demo uses a preconfigured SYNC_URL which points to a nicely configured Sync Gateway, but I want to use my own Sync Gateway. I'm having trouble setting up Couchbase Server and Sync Gateway properly on my local machine. In particular when trying to 'shadow' an existing bucket.

@Couchbase: Are you planning on expanding the samples to include setting up the CouchBase Server and Sync Gateway from scratch properly? Also on how to properly setup shadowing? If so could you also include some small (command line / REST) tests to test the setup? I'm typically referring to the Sync Gateway config.json and the necessity to add users / defining channels and sync functions etc. It's a POC I'm working on, so I'm happy to set everything up with guest accounts / use open databases etc., because it's just on my machine. Any help is very much appreciated! I'd be happy to write a blog-post about the POC when I have it working (because I really want it to work! I think the whole JSON anywhere approach is very promising and I would like my POC to work ;-)

Kind regards,

Johan Pelgrim

The Netherlands

[Traun Leyden]

On Wed, Jun 4, 2014 at 2:30 AM, Johan Pelgrim <johan....@gmail.com> wrote:

 I'm having trouble setting up Couchbase Server and Sync Gateway properly on my local machine. In particular when trying to 'shadow' an existing bucket.

Can you describe the specific problems you are running into?

[Johan Pelgrim]

Hi Traun,

I was referring to the sentence "(...) add a new property called shadow to the database configuration object (...)" in the bucket shadowing docs with the config snippet:

"shadow": {

   "server": "http://localhost:8091",

   "bucket": "myapp"

}

It was unclear to me where to put this in my config.json file. I would have preferred if you would have simply put a complete and valid config section there, which makes it much easier to pick up for newbies in the NoSQL and Sync Gateway domain. I.e. something like this.

{

   "interface":":4984",

   "adminInterface":":4985",

   "log":["REST"],

   "databases":{

      "sync_gateway":{

         "server":"http://localhost:8091",

         "bucket":"sync_gateway",

         "sync":`function(doc) {channel(doc.channels);}`,

         "shadow": {

            "server": "http://localhost:8091",

            "bucket": "name_of_the_bucket_you_want_to_shadow"

         }

      }

   }

}

The other thing is what is the minimal configuration as far as user access is concerned. I believe all the sync databases have a default GUEST user configured, but it is disabled? I didn't get the sync to work before I added a user via the Sync Admin REST API, explicitly added that user in the sync function with access to my channel and used a basic authenticator on my Replication instance in Android. You can set restriction on the bucket, channels, roles, login via Facebook, Persona's custom cookies, etc. It's a bit overwhelming if you are new on all the subjects (like I am). I would love to see some end-to-end example there. I.e. setup Couchbase Server, of course you have to set an admin username / password, but you can also restrict your buckets? How could and why should you do this? Then you can add user sections to the Sync Gateway config, but you must also add them via the Sync Admin REST api on port 4985, etc. You can explicitly grant access to users and roles via the sync function. Then you have to do something with setting an Authenticator on the Replication instance, etc. I got it working, it's all there in various places. I'm just saying I'd like to see a more elaborate section which combines all the components (Couchbase Lite for Android / iOS, Sync Gateway, Couchbase Server) in a single end-to-end / step-by-step tutorial.

Cheers,

Johan.

[Jens Alfke]

On Jun 5, 2014, at 12:10 PM, Johan Pelgrim <johan....@gmail.com> wrote:

The other thing is what is the minimal configuration as far as user access is concerned. I believe all the sync databases have a default GUEST user configured, but it is disabled?

Guest is disabled. Initially we had it enabled, but I decided that it’s better to be secure by default. Otherwise someone might not realize that they have to disable guest access, and then end up with a massive security hole. One compromise would be to have a default user account like “admin”, but then it needs to have a hardcoded password, and we all know how many attacks there have been on software that ships with hardcoded credentials, because people tend to not remove them.

—Jens